Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2025-03-05 CVE-2024-11951 The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.0.
network
low complexity
CWE-269
critical
9.8
2025-03-05 CVE-2024-12281 The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.2.
network
low complexity
CWE-269
critical
9.8
2025-02-27 CVE-2024-2297 Improper Privilege Management vulnerability in Bricksbuilder Bricks
The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1.
network
low complexity
bricksbuilder CWE-269
8.8
2025-02-27 CVE-2025-1295 The Templines Elementor Helper Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.7.
network
low complexity
CWE-269
8.8
2025-02-22 CVE-2024-22341 IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management.
network
high complexity
CWE-269
5.3
2025-02-11 CVE-2025-0180 The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.
network
low complexity
CWE-269
critical
9.8
2025-01-17 CVE-2025-23208 Improper Privilege Management vulnerability in Zotregistry ZOT
zot is a production-ready vendor-neutral OCI image registry.
network
low complexity
zotregistry CWE-269
5.3
2025-01-15 CVE-2024-9636 The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in versions 2.2.85 to 2.3.3.
network
low complexity
CWE-269
critical
9.8
2024-12-19 CVE-2020-15934 Improper Privilege Management vulnerability in Fortinet Forticlient
An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0.
local
low complexity
fortinet CWE-269
7.8
2024-12-14 CVE-2024-11721 The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5.
network
high complexity
CWE-269
8.1